├── .gitattributes
├── .gitignore
├── pom.xml
└── src
    └── main
        ├── java
            └── com
            │   └── sprsec
            │       ├── controller
            │           ├── LinkNavigation.java
            │           └── SecurityNavigation.java
            │       ├── dao
            │           ├── RoleDAO.java
            │           ├── RoleDAOImpl.java
            │           ├── UserDAO.java
            │           └── UserDAOImpl.java
            │       ├── init
            │           ├── Initializer.java
            │           ├── RootConfig.java
            │           ├── SecurityConfig.java
            │           ├── SecurityInitializer.java
            │           └── WebAppConfig.java
            │       ├── model
            │           ├── Role.java
            │           └── User.java
            │       └── service
            │           ├── CustomUserDetailsService.java
            │           ├── RoleService.java
            │           ├── RoleServiceImpl.java
            │           ├── UserService.java
            │           └── UserServiceImpl.java
        ├── resources
            └── application.properties
        └── webapp
            ├── META-INF
                ├── MANIFEST.MF
                └── maven
                │   └── com
                │       └── security-spr
                │           ├── pom.properties
                │           └── pom.xml
            └── WEB-INF
                ├── pages
                    ├── admin-first.jsp
                    ├── admin-second.jsp
                    ├── home.jsp
                    ├── login-form.jsp
                    ├── moderation.jsp
                    └── success-login.jsp
                └── web.xml


/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Auto detect text files and perform LF normalization
 2 | * text=auto
 3 | 
 4 | # Custom for Visual Studio
 5 | *.cs     diff=csharp
 6 | *.sln    merge=union
 7 | *.csproj merge=union
 8 | *.vbproj merge=union
 9 | *.fsproj merge=union
10 | *.dbproj merge=union
11 | 
12 | # Standard to msysgit
13 | *.doc	 diff=astextplain
14 | *.DOC	 diff=astextplain
15 | *.docx diff=astextplain
16 | *.DOCX diff=astextplain
17 | *.dot  diff=astextplain
18 | *.DOT  diff=astextplain
19 | *.pdf  diff=astextplain
20 | *.PDF	 diff=astextplain
21 | *.rtf	 diff=astextplain
22 | *.RTF	 diff=astextplain
23 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | #################
  2 | ## Eclipse
  3 | #################
  4 | 
  5 | *.pydevproject
  6 | .project
  7 | .metadata
  8 | bin/
  9 | tmp/
 10 | *.tmp
 11 | *.bak
 12 | *.swp
 13 | *~.nib
 14 | local.properties
 15 | .classpath
 16 | .settings/
 17 | .loadpath
 18 | 
 19 | # External tool builders
 20 | .externalToolBuilders/
 21 | 
 22 | # Locally stored "Eclipse launch configurations"
 23 | *.launch
 24 | 
 25 | # CDT-specific
 26 | .cproject
 27 | 
 28 | # PDT-specific
 29 | .buildpath
 30 | 
 31 | 
 32 | #################
 33 | ## Visual Studio
 34 | #################
 35 | 
 36 | ## Ignore Visual Studio temporary files, build results, and
 37 | ## files generated by popular Visual Studio add-ons.
 38 | 
 39 | # User-specific files
 40 | *.suo
 41 | *.user
 42 | *.sln.docstates
 43 | 
 44 | # Build results
 45 | [Dd]ebug/
 46 | [Rr]elease/
 47 | *_i.c
 48 | *_p.c
 49 | *.ilk
 50 | *.meta
 51 | *.obj
 52 | *.pch
 53 | *.pdb
 54 | *.pgc
 55 | *.pgd
 56 | *.rsp
 57 | *.sbr
 58 | *.tlb
 59 | *.tli
 60 | *.tlh
 61 | *.tmp
 62 | *.vspscc
 63 | .builds
 64 | *.dotCover
 65 | 
 66 | ## TODO: If you have NuGet Package Restore enabled, uncomment this
 67 | #packages/
 68 | 
 69 | # Visual C++ cache files
 70 | ipch/
 71 | *.aps
 72 | *.ncb
 73 | *.opensdf
 74 | *.sdf
 75 | 
 76 | # Visual Studio profiler
 77 | *.psess
 78 | *.vsp
 79 | 
 80 | # ReSharper is a .NET coding add-in
 81 | _ReSharper*
 82 | 
 83 | # Installshield output folder
 84 | [Ee]xpress
 85 | 
 86 | # DocProject is a documentation generator add-in
 87 | DocProject/buildhelp/
 88 | DocProject/Help/*.HxT
 89 | DocProject/Help/*.HxC
 90 | DocProject/Help/*.hhc
 91 | DocProject/Help/*.hhk
 92 | DocProject/Help/*.hhp
 93 | DocProject/Help/Html2
 94 | DocProject/Help/html
 95 | 
 96 | # Click-Once directory
 97 | publish
 98 | 
 99 | # Others
100 | [Bb]in
101 | [Oo]bj
102 | sql
103 | TestResults
104 | *.Cache
105 | ClientBin
106 | stylecop.*
107 | ~$*
108 | *.dbmdl
109 | Generated_Code #added for RIA/Silverlight projects
110 | 
111 | # Backup & report files from converting an old project file to a newer
112 | # Visual Studio version. Backup files are not needed, because we have git ;-)
113 | _UpgradeReport_Files/
114 | Backup*/
115 | UpgradeLog*.XML
116 | 
117 | 
118 | 
119 | ############
120 | ## Windows
121 | ############
122 | 
123 | # Windows image file caches
124 | Thumbs.db
125 | 
126 | # Folder config file
127 | Desktop.ini
128 | 
129 | 
130 | #############
131 | ## Python
132 | #############
133 | 
134 | *.py[co]
135 | 
136 | # Packages
137 | *.egg
138 | *.egg-info
139 | dist
140 | build
141 | eggs
142 | parts
143 | bin
144 | var
145 | sdist
146 | develop-eggs
147 | .installed.cfg
148 | 
149 | # Installer logs
150 | pip-log.txt
151 | 
152 | # Unit test / coverage reports
153 | .coverage
154 | .tox
155 | 
156 | #Translations
157 | *.mo
158 | 
159 | #Mr Developer
160 | .mr.developer.cfg
161 | 
162 | # Mac crap
163 | .DS_Store
164 | 


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
  1 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  2 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  3 | 	<modelVersion>4.0.0</modelVersion>
  4 | 	<groupId>com</groupId>
  5 | 	<artifactId>security-spr</artifactId>
  6 | 
  7 | 	<packaging>war</packaging>
  8 | 	<version>0.0.1-SNAPSHOT</version>
  9 | 
 10 | 	<name>security-spr Maven Webapp</name>
 11 | 
 12 | 	<properties>
 13 | 		<hibernate.version>4.1.7.Final</hibernate.version>
 14 | 		<mysql.connector.version>5.1.21</mysql.connector.version>
 15 | 		<slf4j.version>1.7.5</slf4j.version>
 16 | 		<spring.version>3.2.4.RELEASE</spring.version>
 17 | 		<spring.security.version>3.2.0.RC1</spring.security.version>
 18 | 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 19 | 	</properties>
 20 | 
 21 | 	<dependencies>
 22 | 		<!-- DB related dependencies -->
 23 | 		<dependency>
 24 | 			<groupId>org.hibernate</groupId>
 25 | 			<artifactId>hibernate-core</artifactId>
 26 | 			<version>${hibernate.version}</version>
 27 | 		</dependency>
 28 | 		<dependency>
 29 | 			<groupId>org.hibernate</groupId>
 30 | 			<artifactId>hibernate-entitymanager</artifactId>
 31 | 			<version>${hibernate.version}</version>
 32 | 		</dependency>
 33 | 
 34 | 		<dependency>
 35 | 			<groupId>mysql</groupId>
 36 | 			<artifactId>mysql-connector-java</artifactId>
 37 | 			<version>${mysql.connector.version}</version>
 38 | 		</dependency>
 39 | 		<dependency>
 40 | 			<groupId>commons-dbcp</groupId>
 41 | 			<artifactId>commons-dbcp</artifactId>
 42 | 			<version>1.4</version>
 43 | 		</dependency>
 44 | 		<dependency>
 45 | 			<groupId>javassist</groupId>
 46 | 			<artifactId>javassist</artifactId>
 47 | 			<version>3.12.1.GA</version>
 48 | 		</dependency>
 49 | 
 50 | 		<!-- SPRING -->
 51 | 		<dependency>
 52 | 			<groupId>org.springframework</groupId>
 53 | 			<artifactId>spring-webmvc</artifactId>
 54 | 			<version>${spring.version}</version>
 55 | 			<exclusions>
 56 | 				<exclusion>
 57 | 					<groupId>commons-logging</groupId>
 58 | 					<artifactId>commons-logging</artifactId>
 59 | 				</exclusion>
 60 | 			</exclusions>
 61 | 		</dependency>
 62 | 		<dependency>
 63 | 			<groupId>org.springframework</groupId>
 64 | 			<artifactId>spring-tx</artifactId>
 65 | 			<version>${spring.version}</version>
 66 | 		</dependency>
 67 | 		<dependency>
 68 | 			<groupId>org.springframework</groupId>
 69 | 			<artifactId>spring-jdbc</artifactId>
 70 | 			<version>${spring.version}</version>
 71 | 		</dependency>
 72 | 		<dependency>
 73 | 			<groupId>org.springframework</groupId>
 74 | 			<artifactId>spring-orm</artifactId>
 75 | 			<version>${spring.version}</version>
 76 | 		</dependency>
 77 | 		<!-- CGLIB is required to process @Configuration classes -->
 78 | 		<dependency>
 79 | 			<groupId>cglib</groupId>
 80 | 			<artifactId>cglib</artifactId>
 81 | 			<version>2.2.2</version>
 82 | 		</dependency>
 83 | 		<!-- Spring Security -->
 84 | 		<dependency>
 85 | 			<groupId>org.springframework.security</groupId>
 86 | 			<artifactId>spring-security-core</artifactId>
 87 | 			<version>${spring.security.version}</version>
 88 | 		</dependency>
 89 | 		<dependency>
 90 | 			<groupId>org.springframework.security</groupId>
 91 | 			<artifactId>spring-security-web</artifactId>
 92 | 			<version>${spring.security.version}</version>
 93 | 		</dependency>
 94 | 		<dependency>
 95 | 			<groupId>org.springframework.security</groupId>
 96 | 			<artifactId>spring-security-config</artifactId>
 97 | 			<version>${spring.security.version}</version>
 98 | 		</dependency>
 99 | 		<dependency>
100 | 			<groupId>org.springframework.security</groupId>
101 | 			<artifactId>spring-security-javaconfig</artifactId>
102 | 			<version>1.0.0.M1</version>
103 | 		</dependency>
104 | 		<!-- Other -->
105 | 		<dependency>
106 | 			<groupId>javax.servlet</groupId>
107 | 			<artifactId>javax.servlet-api</artifactId>
108 | 			<version>3.0.1</version>
109 | 			<scope>provided</scope>
110 | 		</dependency>
111 | 		<dependency>
112 | 			<groupId>jstl</groupId>
113 | 			<artifactId>jstl</artifactId>
114 | 			<version>1.2</version>
115 | 		</dependency>
116 | 
117 | 		<!-- Test -->
118 | 		<dependency>
119 | 			<groupId>junit</groupId>
120 | 			<artifactId>junit</artifactId>
121 | 			<version>4.7</version>
122 | 			<scope>test</scope>
123 | 		</dependency>
124 | 	</dependencies>
125 | 
126 | 	<repositories>
127 | 		<repository>
128 | 			<id>repository.springsource.milestone</id>
129 | 			<name>SpringSource Milestone Repository</name>
130 | 			<url>http://repo.springsource.org/milestone</url>
131 | 		</repository>
132 | 	</repositories>
133 | 
134 | 	<build>
135 | 		<finalName>security-spr</finalName>
136 | 		<plugins>
137 | 			<plugin>
138 | 				<artifactId>maven-compiler-plugin</artifactId>
139 | 				<version>2.3.2</version>
140 | 				<configuration>
141 | 					<source>1.7</source>
142 | 					<target>1.7</target>
143 | 				</configuration>
144 | 			</plugin>
145 | 		</plugins>
146 | 	</build>
147 | 
148 | </project>
149 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/controller/LinkNavigation.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.controller;
 2 | 
 3 | import org.springframework.stereotype.Controller;
 4 | import org.springframework.web.bind.annotation.RequestMapping;
 5 | import org.springframework.web.bind.annotation.RequestMethod;
 6 | import org.springframework.web.servlet.ModelAndView;
 7 | 
 8 | @Controller
 9 | public class LinkNavigation {
10 | 	
11 | 	@RequestMapping(value="/", method=RequestMethod.GET)
12 | 	public ModelAndView homePage() {
13 | 		return new ModelAndView("home");
14 | 	}
15 | 	
16 | 	@RequestMapping(value="/index", method=RequestMethod.GET)
17 | 	public ModelAndView indexPage() {
18 | 		return new ModelAndView("home");
19 | 	}
20 | 	
21 | 	@RequestMapping(value="/sec/moderation", method=RequestMethod.GET)
22 | 	public ModelAndView moderatorPage() {
23 | 		return new ModelAndView("moderation");
24 | 	}
25 | 	
26 | 	@RequestMapping(value="/admin/first", method=RequestMethod.GET)
27 | 	public ModelAndView firstAdminPage() {
28 | 		return new ModelAndView("admin-first");
29 | 	}
30 | 	
31 | 	@RequestMapping(value="/admin/second", method=RequestMethod.GET)
32 | 	public ModelAndView secondAdminPage() {
33 | 		return new ModelAndView("admin-second");
34 | 	}
35 | 
36 | }
37 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/controller/SecurityNavigation.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.controller;
 2 | 
 3 | import org.springframework.stereotype.Controller;
 4 | import org.springframework.web.bind.annotation.RequestMapping;
 5 | import org.springframework.web.bind.annotation.RequestMethod;
 6 | import org.springframework.web.servlet.ModelAndView;
 7 | 
 8 | @Controller
 9 | public class SecurityNavigation {
10 | 	
11 | 	@RequestMapping(value="/user-login", method=RequestMethod.GET)
12 | 	public ModelAndView loginForm() {
13 | 		return new ModelAndView("login-form");
14 | 	}
15 | 	
16 | 	@RequestMapping(value="/error-login", method=RequestMethod.GET)
17 | 	public ModelAndView invalidLogin() {
18 | 		ModelAndView modelAndView = new ModelAndView("login-form");
19 | 		modelAndView.addObject("error", true);
20 | 		return modelAndView;
21 | 	}
22 | 	
23 | 	@RequestMapping(value="/success-login", method=RequestMethod.GET)
24 | 	public ModelAndView successLogin() {
25 | 		return new ModelAndView("success-login");
26 | 	}
27 | 
28 | }
29 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/dao/RoleDAO.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.dao;
 2 | 
 3 | import com.sprsec.model.Role;
 4 | 
 5 | public interface RoleDAO {
 6 | 	
 7 | 	public Role getRole(int id);
 8 | 
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/dao/RoleDAOImpl.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.dao;
 2 | 
 3 | import org.springframework.beans.factory.annotation.Autowired;
 4 | import org.springframework.stereotype.Repository;
 5 | 
 6 | import org.hibernate.Session;
 7 | import org.hibernate.SessionFactory;
 8 | 
 9 | import com.sprsec.model.Role;
10 | 
11 | @Repository
12 | public class RoleDAOImpl implements RoleDAO {
13 | 	
14 | 	@Autowired
15 | 	private SessionFactory sessionFactory;
16 | 	
17 | 	private Session getCurrentSession() {
18 | 		return sessionFactory.getCurrentSession();
19 | 	}
20 | 
21 | 	public Role getRole(int id) {
22 | 		Role role = (Role) getCurrentSession().load(Role.class, id);
23 | 		return role;
24 | 	}
25 | 
26 | }
27 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/dao/UserDAO.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.dao;
 2 | 
 3 | import com.sprsec.model.User;
 4 | 
 5 | public interface UserDAO {
 6 | 	
 7 | 	public User getUser(String login);
 8 | 
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/dao/UserDAOImpl.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.dao;
 2 | 
 3 | import java.util.ArrayList;
 4 | import java.util.List;
 5 | 
 6 | import org.springframework.beans.factory.annotation.Autowired;
 7 | import org.hibernate.Query;
 8 | import org.hibernate.Session;
 9 | import org.hibernate.SessionFactory;
10 | import org.springframework.stereotype.Repository;
11 | 
12 | import com.sprsec.model.User;
13 | 
14 | @Repository
15 | public class UserDAOImpl implements UserDAO {
16 | 	
17 | 	@Autowired
18 | 	private SessionFactory sessionFactory;
19 | 	
20 | 	private Session openSession() {
21 | 		return sessionFactory.getCurrentSession();
22 | 	}
23 | 
24 | 	public User getUser(String login) {
25 | 		List<User> userList = new ArrayList<User>();
26 | 		Query query = openSession().createQuery("from User u where u.login = :login");
27 | 		query.setParameter("login", login);
28 | 		userList = query.list();
29 | 		if (userList.size() > 0)
30 | 			return userList.get(0);
31 | 		else
32 | 			return null;	
33 | 	}
34 | 
35 | }
36 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/init/Initializer.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.init;
 2 | 
 3 | import org.springframework.core.annotation.Order;
 4 | import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
 5 | 
 6 | @Order(1)
 7 | public class Initializer extends
 8 | 		AbstractAnnotationConfigDispatcherServletInitializer {
 9 | 
10 | 	@Override
11 | 	protected Class<?>[] getRootConfigClasses() {
12 | 		return new Class[] { RootConfig.class, SecurityConfig.class };
13 | 	}
14 | 
15 | 	@Override
16 | 	protected Class<?>[] getServletConfigClasses() {
17 | 		return new Class[] { WebAppConfig.class };
18 | 	}
19 | 
20 | 	@Override
21 | 	protected String[] getServletMappings() {
22 | 		return new String[] { "/" };
23 | 	}
24 | 
25 | }
26 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/init/RootConfig.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.init;
 2 | 
 3 | import java.util.Properties;
 4 | 
 5 | import javax.annotation.Resource;
 6 | import javax.sql.DataSource;
 7 | 
 8 | import org.springframework.context.annotation.Bean;
 9 | import org.springframework.context.annotation.ComponentScan;
10 | import org.springframework.context.annotation.Configuration;
11 | import org.springframework.context.annotation.PropertySource;
12 | import org.springframework.core.env.Environment;
13 | import org.springframework.jdbc.datasource.DriverManagerDataSource;
14 | import org.springframework.orm.hibernate4.HibernateTransactionManager;
15 | import org.springframework.orm.hibernate4.LocalSessionFactoryBean;
16 | import org.springframework.transaction.annotation.EnableTransactionManagement;
17 | 
18 | @Configuration
19 | @EnableTransactionManagement
20 | @ComponentScan("com.sprsec")
21 | @PropertySource("classpath:application.properties")
22 | public class RootConfig {
23 | 	
24 |     private static final String PROPERTY_NAME_DATABASE_DRIVER = "db.driver";
25 |     private static final String PROPERTY_NAME_DATABASE_PASSWORD = "db.password";
26 |     private static final String PROPERTY_NAME_DATABASE_URL = "db.url";
27 |     private static final String PROPERTY_NAME_DATABASE_USERNAME = "db.username";
28 | 	
29 |     private static final String PROPERTY_NAME_HIBERNATE_DIALECT = "hibernate.dialect";
30 |     private static final String PROPERTY_NAME_HIBERNATE_SHOW_SQL = "hibernate.show_sql";
31 |     private static final String PROPERTY_NAME_ENTITYMANAGER_PACKAGES_TO_SCAN = "entitymanager.packages.to.scan";
32 |     	
33 | 	@Resource
34 | 	private Environment env;
35 | 	
36 | 	@Bean
37 | 	public DataSource dataSource() {
38 | 		DriverManagerDataSource dataSource = new DriverManagerDataSource();
39 | 		
40 | 		dataSource.setDriverClassName(env.getRequiredProperty(PROPERTY_NAME_DATABASE_DRIVER));
41 | 		dataSource.setUrl(env.getRequiredProperty(PROPERTY_NAME_DATABASE_URL));
42 | 		dataSource.setUsername(env.getRequiredProperty(PROPERTY_NAME_DATABASE_USERNAME));
43 | 		dataSource.setPassword(env.getRequiredProperty(PROPERTY_NAME_DATABASE_PASSWORD));
44 | 		
45 | 		return dataSource;
46 | 	}
47 | 	
48 | 	@Bean
49 | 	public LocalSessionFactoryBean sessionFactory() {
50 | 		LocalSessionFactoryBean sessionFactoryBean = new LocalSessionFactoryBean();
51 | 		sessionFactoryBean.setDataSource(dataSource());
52 | 		sessionFactoryBean.setPackagesToScan(env.getRequiredProperty(PROPERTY_NAME_ENTITYMANAGER_PACKAGES_TO_SCAN));
53 | 		sessionFactoryBean.setHibernateProperties(hibProperties());
54 | 		return sessionFactoryBean;
55 | 	}
56 | 	
57 | 	private Properties hibProperties() {
58 | 		Properties properties = new Properties();
59 | 		properties.put(PROPERTY_NAME_HIBERNATE_DIALECT, env.getRequiredProperty(PROPERTY_NAME_HIBERNATE_DIALECT));
60 | 		properties.put(PROPERTY_NAME_HIBERNATE_SHOW_SQL, env.getRequiredProperty(PROPERTY_NAME_HIBERNATE_SHOW_SQL));
61 | 		return properties;	
62 | 	}
63 | 	
64 | 	@Bean
65 | 	public HibernateTransactionManager transactionManager() {
66 | 		HibernateTransactionManager transactionManager = new HibernateTransactionManager();
67 | 		transactionManager.setSessionFactory(sessionFactory().getObject());
68 | 		return transactionManager;
69 | 	}
70 | }
71 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/init/SecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.init;
 2 | 
 3 | import javax.sql.DataSource;
 4 | 
 5 | import org.springframework.beans.factory.annotation.Autowired;
 6 | import org.springframework.context.annotation.Configuration;
 7 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 8 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 9 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
10 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
11 | 
12 | import com.sprsec.service.CustomUserDetailsService;
13 | 
14 | @Configuration
15 | @EnableWebSecurity
16 | public class SecurityConfig extends WebSecurityConfigurerAdapter {
17 | 
18 | 	@Autowired
19 | 	private DataSource dataSource;
20 | 
21 | 	@Autowired
22 | 	private CustomUserDetailsService customUserDetailsService;
23 | 
24 | 	@Override
25 | 	protected void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception {
26 | 		auth.jdbcAuthentication().dataSource(dataSource);
27 | 	}
28 | 
29 | 	@Override
30 | 	protected void configure(HttpSecurity http) throws Exception {
31 | 		http.userDetailsService(customUserDetailsService)
32 | 			.authorizeRequests()
33 | 			.antMatchers("/sec/moderation.html").hasRole("MODERATOR")
34 | 			.antMatchers("/admin/**").hasRole("ADMIN")
35 | 			.and()
36 | 			.formLogin()
37 | 			.loginPage("/user-login.html")
38 | 			.defaultSuccessUrl("/success-login.html")
39 | 			.failureUrl("/error-login.html")
40 | 			.permitAll()
41 | 			.and()
42 | 			.logout()
43 | 			.logoutSuccessUrl("/index.html");
44 | 	}
45 | 
46 | }
47 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/init/SecurityInitializer.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.init;
 2 | 
 3 | import org.springframework.core.annotation.Order;
 4 | import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
 5 | 
 6 | @Order(2)
 7 | public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
 8 | 
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/init/WebAppConfig.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.init;
 2 | 
 3 | import org.springframework.context.annotation.Bean;
 4 | import org.springframework.context.annotation.ComponentScan;
 5 | import org.springframework.context.annotation.Configuration;
 6 | import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 7 | import org.springframework.web.servlet.view.JstlView;
 8 | import org.springframework.web.servlet.view.UrlBasedViewResolver;
 9 | 
10 | @Configuration
11 | @EnableWebMvc
12 | @ComponentScan("com.sprsec.controller")
13 | public class WebAppConfig {
14 | 	
15 | 	@Bean
16 | 	public UrlBasedViewResolver setupViewResolver() {
17 | 		UrlBasedViewResolver resolver = new UrlBasedViewResolver();
18 | 		resolver.setPrefix("/WEB-INF/pages/");
19 | 		resolver.setSuffix(".jsp");
20 | 		resolver.setViewClass(JstlView.class);
21 | 		return resolver;
22 | 	}
23 | }
24 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/model/Role.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.model;
 2 | 
 3 | import java.util.Set;
 4 | 
 5 | import javax.persistence.CascadeType;
 6 | import javax.persistence.Entity;
 7 | import javax.persistence.GeneratedValue;
 8 | import javax.persistence.Id;
 9 | import javax.persistence.JoinColumn;
10 | import javax.persistence.JoinTable;
11 | import javax.persistence.OneToMany;
12 | import javax.persistence.Table;
13 | 
14 | @Entity
15 | @Table(name="roles")
16 | public class Role {
17 | 	
18 | 	@Id
19 | 	@GeneratedValue
20 | 	private Integer id;
21 | 	
22 | 	private String role;
23 | 	
24 | 	@OneToMany(cascade=CascadeType.ALL)
25 | 	@JoinTable(name="user_roles", 
26 | 		joinColumns = {@JoinColumn(name="role_id", referencedColumnName="id")},
27 | 		inverseJoinColumns = {@JoinColumn(name="user_id", referencedColumnName="id")}
28 | 	)
29 | 	private Set<User> userRoles;
30 | 
31 | 	public Integer getId() {
32 | 		return id;
33 | 	}
34 | 
35 | 	public void setId(Integer id) {
36 | 		this.id = id;
37 | 	}
38 | 
39 | 	public String getRole() {
40 | 		return role;
41 | 	}
42 | 
43 | 	public void setRole(String role) {
44 | 		this.role = role;
45 | 	}
46 | 
47 | 	public Set<User> getUserRoles() {
48 | 		return userRoles;
49 | 	}
50 | 
51 | 	public void setUserRoles(Set<User> userRoles) {
52 | 		this.userRoles = userRoles;
53 | 	}
54 | 	
55 | }
56 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/model/User.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.model;
 2 | 
 3 | import javax.persistence.CascadeType;
 4 | import javax.persistence.Entity;
 5 | import javax.persistence.GeneratedValue;
 6 | import javax.persistence.Id;
 7 | import javax.persistence.JoinColumn;
 8 | import javax.persistence.JoinTable;
 9 | import javax.persistence.OneToOne;
10 | import javax.persistence.Table;
11 | 
12 | @Entity
13 | @Table(name="users")
14 | public class User {
15 | 	
16 | 	@Id
17 | 	@GeneratedValue
18 | 	private Integer id;
19 | 	
20 | 	private String login;
21 | 	
22 | 	private String password;
23 | 	
24 | 	@OneToOne(cascade=CascadeType.ALL)
25 | 	@JoinTable(name="user_roles",
26 | 		joinColumns = {@JoinColumn(name="user_id", referencedColumnName="id")},
27 | 		inverseJoinColumns = {@JoinColumn(name="role_id", referencedColumnName="id")}
28 | 	)
29 | 	private Role role;
30 | 
31 | 	public Integer getId() {
32 | 		return id;
33 | 	}
34 | 
35 | 	public void setId(Integer id) {
36 | 		this.id = id;
37 | 	}
38 | 
39 | 	public String getLogin() {
40 | 		return login;
41 | 	}
42 | 
43 | 	public void setLogin(String login) {
44 | 		this.login = login;
45 | 	}
46 | 
47 | 	public String getPassword() {
48 | 		return password;
49 | 	}
50 | 
51 | 	public void setPassword(String password) {
52 | 		this.password = password;
53 | 	}
54 | 
55 | 	public Role getRole() {
56 | 		return role;
57 | 	}
58 | 
59 | 	public void setRole(Role role) {
60 | 		this.role = role;
61 | 	}	
62 | 
63 | }
64 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/service/CustomUserDetailsService.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.service;
 2 | 
 3 | import java.util.ArrayList;
 4 | import java.util.Collection;
 5 | import java.util.List;
 6 | 
 7 | import org.springframework.beans.factory.annotation.Autowired;
 8 | import org.springframework.security.core.GrantedAuthority;
 9 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
10 | import org.springframework.security.core.userdetails.User;
11 | import org.springframework.security.core.userdetails.UserDetails;
12 | import org.springframework.security.core.userdetails.UserDetailsService;
13 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
14 | import org.springframework.stereotype.Service;
15 | import org.springframework.transaction.annotation.Transactional;
16 | 
17 | import com.sprsec.dao.UserDAO;
18 | 
19 | @Service
20 | @Transactional(readOnly=true)
21 | public class CustomUserDetailsService implements UserDetailsService {
22 | 	
23 | 	@Autowired
24 | 	private UserDAO userDAO;	
25 | 
26 | 	public UserDetails loadUserByUsername(String login)
27 | 			throws UsernameNotFoundException {
28 | 		
29 | 		com.sprsec.model.User domainUser = userDAO.getUser(login);
30 | 		
31 | 		boolean enabled = true;
32 | 		boolean accountNonExpired = true;
33 | 		boolean credentialsNonExpired = true;
34 | 		boolean accountNonLocked = true;
35 | 
36 | 		return new User(
37 | 				domainUser.getLogin(), 
38 | 				domainUser.getPassword(), 
39 | 				enabled, 
40 | 				accountNonExpired, 
41 | 				credentialsNonExpired, 
42 | 				accountNonLocked,
43 | 				getAuthorities(domainUser.getRole().getId())
44 | 		);
45 | 	}
46 | 	
47 | 	public Collection<? extends GrantedAuthority> getAuthorities(Integer role) {
48 | 		List<GrantedAuthority> authList = getGrantedAuthorities(getRoles(role));
49 | 		return authList;
50 | 	}
51 | 	
52 | 	public List<String> getRoles(Integer role) {
53 | 
54 | 		List<String> roles = new ArrayList<String>();
55 | 
56 | 		if (role.intValue() == 1) {
57 | 			roles.add("ROLE_MODERATOR");
58 | 			roles.add("ROLE_ADMIN");
59 | 		} else if (role.intValue() == 2) {
60 | 			roles.add("ROLE_MODERATOR");
61 | 		}
62 | 		return roles;
63 | 	}
64 | 	
65 | 	public static List<GrantedAuthority> getGrantedAuthorities(List<String> roles) {
66 | 		List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
67 | 		
68 | 		for (String role : roles) {
69 | 			authorities.add(new SimpleGrantedAuthority(role));
70 | 		}
71 | 		return authorities;
72 | 	}
73 | 
74 | }
75 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/service/RoleService.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.service;
 2 | 
 3 | import com.sprsec.model.Role;
 4 | 
 5 | public interface RoleService {
 6 | 	
 7 | 	public Role getRole(int id);
 8 | 
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/service/RoleServiceImpl.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.service;
 2 | 
 3 | import org.springframework.beans.factory.annotation.Autowired;
 4 | import org.springframework.stereotype.Service;
 5 | import org.springframework.transaction.annotation.Transactional;
 6 | 
 7 | import com.sprsec.dao.RoleDAO;
 8 | import com.sprsec.model.Role;
 9 | 
10 | @Service
11 | @Transactional
12 | public class RoleServiceImpl implements RoleService {
13 | 	
14 | 	@Autowired
15 | 	private RoleDAO roleDAO;
16 | 
17 | 	public Role getRole(int id) {
18 | 		return roleDAO.getRole(id);
19 | 	}
20 | 
21 | }
22 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/service/UserService.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.service;
 2 | 
 3 | import com.sprsec.model.User;
 4 | 
 5 | public interface UserService {
 6 | 	
 7 | 	public User getUser(String login);
 8 | 
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/main/java/com/sprsec/service/UserServiceImpl.java:
--------------------------------------------------------------------------------
 1 | package com.sprsec.service;
 2 | 
 3 | import org.springframework.transaction.annotation.Transactional;
 4 | 
 5 | 
 6 | import org.springframework.beans.factory.annotation.Autowired;
 7 | import org.springframework.stereotype.Service;
 8 | 
 9 | import com.sprsec.dao.UserDAO;
10 | import com.sprsec.model.User;
11 | 
12 | @Service
13 | @Transactional
14 | public class UserServiceImpl implements UserService {
15 | 	
16 | 	@Autowired
17 | 	private UserDAO userDAO;
18 | 
19 | 	public User getUser(String login) {
20 | 		return userDAO.getUser(login);
21 | 	}
22 | 
23 | }
24 | 


--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
 1 | #DB properties:
 2 | db.driver=com.mysql.jdbc.Driver
 3 | db.url=jdbc:mysql://localhost:3306/hibnatedb
 4 | db.username=hibuser
 5 | db.password=root
 6 | 
 7 | #Hibernate Configuration:
 8 | hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
 9 | hibernate.show_sql=true
10 | entitymanager.packages.to.scan=com.sprsec.model


--------------------------------------------------------------------------------
/src/main/webapp/META-INF/MANIFEST.MF:
--------------------------------------------------------------------------------
1 | Manifest-Version: 1.0
2 | Built-By: Fruzenshtein
3 | Build-Jdk: 1.7.0_09
4 | Created-By: Maven Integration for Eclipse
5 | 
6 | 


--------------------------------------------------------------------------------
/src/main/webapp/META-INF/maven/com/security-spr/pom.properties:
--------------------------------------------------------------------------------
1 | #Generated by Maven Integration for Eclipse
2 | #Tue Apr 30 17:02:56 EEST 2013
3 | version=0.0.1-SNAPSHOT
4 | groupId=com
5 | m2e.projectName=security-spr
6 | m2e.projectLocation=E\:\\spring_progs\\security-spr
7 | artifactId=security-spr
8 | 


--------------------------------------------------------------------------------
/src/main/webapp/META-INF/maven/com/security-spr/pom.xml:
--------------------------------------------------------------------------------
  1 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  2 | 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  3 | 	<modelVersion>4.0.0</modelVersion>
  4 | 	<groupId>com</groupId>
  5 | 	<artifactId>security-spr</artifactId>
  6 | 
  7 | 	<packaging>war</packaging>
  8 | 	<version>0.0.1-SNAPSHOT</version>
  9 | 
 10 | 	<name>security-spr Maven Webapp</name>
 11 | 
 12 | 	<properties>
 13 | 		<hibernate.version>4.1.7.Final</hibernate.version>
 14 | 		<mysql.connector.version>5.1.21</mysql.connector.version>
 15 | 		<slf4j.version>1.6.6</slf4j.version>
 16 | 		<spring.version>3.1.3.RELEASE</spring.version>
 17 | 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 18 | 	</properties>
 19 | 
 20 | 	<dependencies>
 21 | 		<!-- DB related dependencies -->
 22 | 		<dependency>
 23 | 			<groupId>org.hibernate</groupId>
 24 | 			<artifactId>hibernate-core</artifactId>
 25 | 			<version>${hibernate.version}</version>
 26 | 		</dependency>
 27 | 		<dependency>
 28 | 			<groupId>org.hibernate</groupId>
 29 | 			<artifactId>hibernate-entitymanager</artifactId>
 30 | 			<version>${hibernate.version}</version>
 31 | 		</dependency>
 32 | 
 33 | 		<dependency>
 34 | 			<groupId>mysql</groupId>
 35 | 			<artifactId>mysql-connector-java</artifactId>
 36 | 			<version>${mysql.connector.version}</version>
 37 | 		</dependency>
 38 | 		<dependency>
 39 | 			<groupId>commons-dbcp</groupId>
 40 | 			<artifactId>commons-dbcp</artifactId>
 41 | 			<version>1.4</version>
 42 | 		</dependency>
 43 | 		<dependency>
 44 | 			<groupId>javassist</groupId>
 45 | 			<artifactId>javassist</artifactId>
 46 | 			<version>3.12.1.GA</version>
 47 | 		</dependency>
 48 | 
 49 | 		<!-- SPRING -->
 50 | 		<dependency>
 51 | 			<groupId>org.springframework</groupId>
 52 | 			<artifactId>spring-webmvc</artifactId>
 53 | 			<version>${spring.version}</version>
 54 | 		</dependency>
 55 | 		<dependency>
 56 | 			<groupId>org.springframework</groupId>
 57 | 			<artifactId>spring-tx</artifactId>
 58 | 			<version>${spring.version}</version>
 59 | 		</dependency>
 60 | 		<dependency>
 61 | 			<groupId>org.springframework</groupId>
 62 | 			<artifactId>spring-jdbc</artifactId>
 63 | 			<version>${spring.version}</version>
 64 | 		</dependency>
 65 | 		<dependency>
 66 | 			<groupId>org.springframework</groupId>
 67 | 			<artifactId>spring-orm</artifactId>
 68 | 			<version>${spring.version}</version>
 69 | 		</dependency>
 70 | 		<!-- CGLIB is required to process @Configuration classes -->
 71 | 		<dependency>
 72 | 			<groupId>cglib</groupId>
 73 | 			<artifactId>cglib</artifactId>
 74 | 			<version>2.2.2</version>
 75 | 		</dependency>
 76 | 		<!-- Spring Security -->
 77 | 		<dependency>
 78 | 			<groupId>org.springframework.security</groupId>
 79 | 			<artifactId>spring-security-core</artifactId>
 80 | 			<version>${spring.version}</version>
 81 | 		</dependency>
 82 | 		<dependency>
 83 | 			<groupId>org.springframework.security</groupId>
 84 | 			<artifactId>spring-security-web</artifactId>
 85 | 			<version>${spring.version}</version>
 86 | 		</dependency>
 87 | 		<dependency>
 88 | 			<groupId>org.springframework.security</groupId>
 89 | 			<artifactId>spring-security-config</artifactId>
 90 | 			<version>${spring.version}</version>
 91 | 		</dependency>
 92 | 		<!-- Other -->
 93 | 		<dependency>
 94 | 			<groupId>javax.servlet</groupId>
 95 | 			<artifactId>javax.servlet-api</artifactId>
 96 | 			<version>3.0.1</version>
 97 | 			<scope>provided</scope>
 98 | 		</dependency>
 99 | 		<dependency>
100 | 			<groupId>jstl</groupId>
101 | 			<artifactId>jstl</artifactId>
102 | 			<version>1.2</version>
103 | 		</dependency>
104 | 
105 | 		<!-- Test -->
106 | 		<dependency>
107 | 			<groupId>junit</groupId>
108 | 			<artifactId>junit</artifactId>
109 | 			<version>4.7</version>
110 | 			<scope>test</scope>
111 | 		</dependency>
112 | 	</dependencies>
113 | 
114 | 	<build>
115 | 		<finalName>security-spr</finalName>
116 | 	</build>
117 | 
118 | </project>
119 | 


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/admin-first.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | 
 3 | <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 4 | 
 5 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 6 |     pageEncoding="ISO-8859-1"%>
 7 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 8 | <html xmlns="http://www.w3.org/1999/xhtml">
 9 | <head>
10 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
11 | <title>First Admin page</title>
12 | </head>
13 | <body>
14 | <h1>First Admin page</h1>
15 | <p>
16 | <a href="<c:url value="/j_spring_security_logout" />" >Logout</a> <br/>
17 | <a href="${pageContext.request.contextPath}/index.html">Home page</a><br/>
18 | </p>
19 | </body>
20 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/admin-second.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | 
 3 | <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 4 | 
 5 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 6 |     pageEncoding="ISO-8859-1"%>
 7 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 8 | <html xmlns="http://www.w3.org/1999/xhtml">
 9 | <head>
10 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
11 | <title>Second Admin page</title>
12 | </head>
13 | <body>
14 | <h1>Second Admin page</h1>
15 | <p>
16 | <a href="<c:url value="/j_spring_security_logout" />" >Logout</a> <br/>
17 | <a href="${pageContext.request.contextPath}/index.html">Home page</a><br/>
18 | </p>
19 | </body>
20 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/home.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 3 |     pageEncoding="ISO-8859-1"%>
 4 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 5 | <html xmlns="http://www.w3.org/1999/xhtml">
 6 | <head>
 7 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
 8 | <title>Home page</title>
 9 | </head>
10 | <body>
11 | <h1>Home page</h1>
12 | <p>This is Home page. It's available for all users.<br/>
13 | <a href="${pageContext.request.contextPath}/sec/moderation.html">Moderation page</a><br/>
14 | <a href="${pageContext.request.contextPath}/admin/first.html">First Admin page</a><br/>
15 | <a href="${pageContext.request.contextPath}/admin/second.html">Second Admin page</a><br/>
16 | </p>
17 | </body>
18 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/login-form.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | 
 3 | <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 4 | 
 5 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 6 |     pageEncoding="ISO-8859-1"%>
 7 | 
 8 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 9 | <html xmlns="http://www.w3.org/1999/xhtml">
10 | <head>
11 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
12 | <title>Login page</title>
13 | <style>
14 | .error {
15 | 	color: red;
16 | }
17 | </style>
18 | </head>
19 | <body>
20 | <h1>Login page</h1>
21 | 
22 | <p>
23 | <c:if test="${error == true}">
24 | 	<b class="error">Invalid login or password.</b>
25 | </c:if>
26 | </p>
27 | 
28 | <form method="post" action="<c:url value='j_spring_security_check'/>" >
29 | <table>
30 | <tbody>
31 | <tr>
32 | <td>Login:</td>
33 | <td><input type="text" name="j_username" id="j_username"size="30" maxlength="40"  /></td>
34 | </tr>
35 | <tr>
36 | <td>Password:</td>
37 | <td><input type="password" name="j_password" id="j_password" size="30" maxlength="32" /></td>
38 | </tr>
39 | <tr>
40 | <td></td>
41 | <td><input type="submit" value="Login" /></td>
42 | </tr>
43 | </tbody>
44 | </table>
45 | </form>	
46 | 
47 | <p>
48 | <a href="${pageContext.request.contextPath}/index.html">Home page</a><br/>
49 | </p>
50 | </body>
51 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/moderation.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | 
 3 | <%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 4 | 
 5 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 6 |     pageEncoding="ISO-8859-1"%>
 7 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 8 | <html xmlns="http://www.w3.org/1999/xhtml">
 9 | <head>
10 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
11 | <title>Moderation page</title>
12 | </head>
13 | <body>
14 | <h1>Moderation page</h1>
15 | <p>This is Moderation page. It's available for moderators.<br/>
16 | <a href="<c:url value="/j_spring_security_logout" />" >Logout</a> <br/>
17 | <a href="${pageContext.request.contextPath}/index.html">Home page</a><br/></p>
18 | </body>
19 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/pages/success-login.jsp:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="ISO-8859-1" ?>
 2 | <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
 3 |     pageEncoding="ISO-8859-1"%>
 4 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 5 | <html xmlns="http://www.w3.org/1999/xhtml">
 6 | <head>
 7 | <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
 8 | <title>Welcome page</title>
 9 | </head>
10 | <body>
11 | <h1>Welcome page</h1>
12 | <p>You have successfully logged in.<br/>
13 | <a href="${pageContext.request.contextPath}/index.html">Home page</a><br/></p>
14 | </body>
15 | </html>


--------------------------------------------------------------------------------
/src/main/webapp/WEB-INF/web.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 | 	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
 4 | 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
 5 | 	version="3.0">
 6 | 
 7 | 	
 8 | 
 9 | </web-app>
10 | 


--------------------------------------------------------------------------------